Motivation As a distributor we offer various security products from different vendors. On the one hand these are FortiGate and PaloAltoNetworks NGFW firewalls to make the perimeter more secure, on the other hand products & services from Kaspersky. Kaspersky offers various threat feeds that can be used in other products….
PAN Security Advisory CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect
Palo Alto Networks discovered a vulnerability (CVE-2024-3400) with a CVSSv4.0 base score of 10 that impacts PAN-OS version 10.2+ with GlobalProtect enabled. We strongly recommend all to review the advisory for remediation steps. Are you affected? This vulnerability does not apply to you if any one of the following apply:…
Palo Alto Emergency Update Required – PAN-OS Root and Default Certificate Expiration
PAN-OS Root and Default Certificate are going to expire on December 31, 2023 which will make Firewalls and Panorama to lose connectivity to Palo Alto Networks cloud services.This will potentially cause outages and impact network traffic.
Swisscom Centro Business: Incoming HTTPS-Sessions and SSLVPN stop working
In the last two weeks we have received many support requests because of non-functioning SSL connections from our Fortinet, Palo Alto Networks and Watchguard customers. Incoming SSL connections on port tcp/443 suddenly stop working. These can be SSLVPNs, Global Protect connections, port forwardings (VIPs, Destination NAT) for internal web servers…
CheatSheet – PANOS 10.1
We have created a cheat sheet for Palo Alto firewalls with all important commands for troubleshooting.The cheat sheet was created for PANOS version 10.1. We have divided the cheat sheet into different sections like general commands, session debugging, service debugging and feature related debugging commands so that the needed commands…
Information on Log4j Vulnerability / CVE-2021-44228
Hi all, another vulnerability – log4j – is keeping us all on our toes.In this blog article you will find information about log4j from our vendors.
PaloAlto EDL Hosting Service
If you want to configure rules for Saas services on the PaloAlto Firewall, you can do this using the App ID for the particular service, or you can use the IP addresses, Domains or URLs of the service in the policy. However, since Saas services typically do not use only…
Windows update breaks SSO event log readers (FSSO, PAN UIA, WG ELM)
Microsoft has released KB5003646 on the 6th of June 2021. Part of this update is a security hardening measurement to align with recommendations as a conclusion out of CVE-2021-31958. As a known issue of this KB5003646, microsoft has noted in the release notes: “After installing this or later updates, apps…
Exchange Pwn2Own Vulnerability April 2021 (Yes, a new one – it’s not Hafnium anymore!)
Let’s mention the important things first: Please patch you vulnerable Exchange 2013, 2016 and 2019 immediately! The page msxfaq has published an infosite to this vulnerability including the instructions how to fix your Exchange. Some security researchers have demonstrated three high risk vulnerabilities for exchange server systems. Microsoft has published…
Exchange Hafnium Vulnerability March 2021
Let’s mention the important things first: Please patch you vulnerable Exchange 2013, 2016 and 2019 immediately! The page msxfaq has published an infosite to this vulnerability including the instructions how to fix your Exchange. Even though we, as Boll Engineering AG, are not associated in any way with the affected…